From 59073ffc4cdd17973fd38d38a3060bd0ad048414 Mon Sep 17 00:00:00 2001
From: TommyTran732 <57488583+tommytran732@users.noreply.github.com>
Date: Sun, 11 Apr 2021 03:52:36 -0400
Subject: [PATCH] Add Apparmor

It is pretty much the only properly working MAC system on Arch right now.
---
 install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install.sh b/install.sh
index 8be5eb4..ec85beb 100644
--- a/install.sh
+++ b/install.sh
@@ -110,7 +110,7 @@ mount $ESP /mnt/boot/efi
 
 # Pacstrap (setting up a base sytem onto the new root).
 echo "Installing the base system (it may take a while)."
-pacstrap /mnt base ${KERNEL} linux-firmware btrfs-progs grub grub-btrfs efibootmgr snapper sudo networkmanager wpa_supplicant &>/dev/null
+pacstrap /mnt base ${KERNEL} linux-firmware btrfs-progs grub grub-btrfs efibootmgr snapper sudo networkmanager wpa_supplicant apparmor &>/dev/null
 
 # Generating /etc/fstab.
 echo "Generating a new fstab."
@@ -146,6 +146,7 @@ sed -i -e 's,modconf block filesystems keyboard,keyboard keymap modconf block en
 UUID=$(blkid $Cryptroot | cut -f2 -d'"')
 sed -i 's/#\(GRUB_ENABLE_CRYPTODISK=y\)/\1/' /mnt/etc/default/grub
 sed -i -e "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub
+sed -i -e "s#root=/dev/mapper/cryptroot#oot=/dev/mapper/cryptroot lsm=lockdown,yama,apparmor,bpf#g" /mnt/etc/default/grub
 echo "" >> /mnt/etc/default/grub
 echo "# Booting with BTRFS subvolume" >> /mnt/etc/default/grub
 echo "GRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION=true" >> /mnt/etc/default/grub